Weak XOR Encryption in ARCserve NT Agents Allows Password Sniffing and Decryption

Weak XOR Encryption in ARCserve NT Agents Allows Password Sniffing and Decryption

CVE-1999-1049 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

ARCserve NT agents use weak encryption (XOR) for passwords, which allows remote attackers to sniff the authentication request to port 6050 and decrypt the password.

Learn more about our Web Application Penetration Testing UK.